package com.atguigu.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class SecurityController {

    @RequestMapping("/add.do")
    @PreAuthorize("hasRole('ROLE_ADMIN')")
    public void add(){
        System.out.println("add");
    }

    @RequestMapping("/dele.do")
    @PreAuthorize("hasAuthority('travelItem_del')")
    public void dele(){
        System.out.println("dele");
    }

    @RequestMapping("/query.do")
    @PreAuthorize("hasAuthority('abc')")
    public void query(){
        System.out.println("query");
    }
}
